Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
Create an account
Join our community for free to access exclusive whitepapers, reports, and regulatory information.
Romania: ANSPDCP fines Banca Transilvania €100,000 for inadequate security measures
The National Supervisory Authority for Personal Data Processing ('ANSPDCP') announced, on 17 December 2020, its decision to fine Banca Transilvania SA RON 487,380 (approx. €100,000) as a result of a violation of Article 5(1)(f) of the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR'), relating to the controller's responsibility to ensure integrity and confidentiality of data, and Article 32 of the GDPR for inadequate security measures. In particular, the ANSPDCP highlighted that, further to complaints regarding the breach of confidentiality and failure to secure data, it investigated the company, and found that a listed document containing a client's statement, as well as an email containing the internal conversation between the company's employees was posted on Facebook and a website. More specifically, the ANSPDCP noted that the circulation of this listed document led to the unauthorised disclosure of personal data of four individuals and that the company had failed to take adequate technical and organisational security measure to safeguard data.
You can read the announcement, only available in Romanian, here.
Send us your Feedback!
Please let us know what you think of DataGuidance! It will only take 60 seconds and help us make the site better for you.
